The Broken Shield: Exclusive Study Finds Popular Free Mobile VPNs Leak Data and Track Users When you download… The post Free Mobile VPNs Leak Data and Track Users – Research appeared first on Hackers Online Club. This article has been…
Category: EN
This new Windows malware can take over your PC and wipe it clean
GigaWiper is a remote access Trojan that can spy on victims and permanently wipe their systems in three different ways. This article has been indexed from Malwarebytes Read the original article: This new Windows malware can take over your PC…
Anthropic and OpenAI Security Tools Could Fuel Cyber-Attacks, Researchers Warn
Researchers at the AI Now Institute developed a proof-of-concept exploit showing common AI tools used for security could backfire This article has been indexed from www.infosecurity-magazine.com Read the original article: Anthropic and OpenAI Security Tools Could Fuel Cyber-Attacks, Researchers Warn
Cybersecurity Negotiator Gets 70 Months for Helping BlackCat Extort Victims
Former ransomware negotiator Angelo Martino gets 70 months in prison for helping BlackCat extort US victims and misuse confidential client data in cyberattacks. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the…
How Check Point Email Security Stopped a Student Job Scam Before It Reached the Inbox
A student receives what looks like a routine summer job offer from a trusted school account. The link goes to Google Forms. The email passes authentication. There is no malware, no fake login page, and no strange-looking domain. To the…
New MODBEACON RAT Uses gRPC Streaming for Encrypted C2 Traffic
The China-linked cybercrime group known as Silver Fox has been attributed to a new Rust-based remote access trojan (RAR) called MODBEACON. Chinese cybersecurity company QiAnXin said that while the threat cluster may appear like a low-sophistication, high-activity operation that propagates…
KDDI data breach exposes 12M people
Japanese telecommunications company KDDI has confirmed a significant data breach affecting roughly 12 million individuals after attackers gained unauthorized access to an email platform serving five internet service providers in Japan. This article has been indexed from CyberMaterial Read the…
Accenture Data Breach: 35GB Source Code Stolen
Accenture has confirmed a security incident following claims by a cybercriminal that they breached the global technology consulting firm and stole more than 35 gigabytes of sensitive data. This article has been indexed from CyberMaterial Read the original article: Accenture…
Blip: Free cross-platform file-sharing app
A new file-sharing application called Blip offers simplified device-to-device file transfers across multiple platforms with no size restrictions. This article has been indexed from CyberMaterial Read the original article: Blip: Free cross-platform file-sharing app
ESMA launches crypto custody oversight under MiCA
The European Securities and Markets Authority has initiated a formal supervisory review process for cryptocurrency custody providers operating under the European Union’s Markets in Crypto-Assets regulatory framework. This article has been indexed from CyberMaterial Read the original article: ESMA launches…
CIRCIA cyber incident reporting rules finalization expected
The Cybersecurity and Infrastructure Security Agency is preparing to finalize long-awaited cyber incident reporting regulations under the Cyber Incident Reporting for Critical Infrastructure Act. This article has been indexed from CyberMaterial Read the original article: CIRCIA cyber incident reporting rules…
Linux FUSE Vulnerability Allows Unprivileged Users to Pop a Root Shell
A newly disclosed Linux kernel vulnerability in the FUSE subsystem allows unprivileged local users to escalate privileges to root by corrupting the page cache and hijacking execution of a SUID binary such as /usr/bin/su on Ubuntu 26.04. Tracked as CVE-2026-31694,…
Hackers Exploit CitrixBleed 2 to Hijack MFA-Protected Sessions and Deploy DragonForce Ransomware
Threat actors are exploiting the CitrixBleed 2 vulnerability, tracked as CVE-2025-5777, to hijack active NetScaler sessions protected by multi-factor authentication and gain a foothold in enterprise environments. The activity indicates a standardized operator playbook, potentially operated by an initial access…
Forg365 PhaaS Uses Telegram and AI Lures to Hijack Microsoft 365 Accounts
Forg365 is a commercial phishing-as-a-service (PhaaS) platform specifically targeting Microsoft 365 users. It employs methods such as device-code phishing, adversary-in-the-middle (AiTM) workflows, AI-assisted lure generation, and token persistence tools. The platform’s onboarding process through Telegram, subscription model, and post-compromise features…
Ransomware Never Stopped: Over 9,000 Confirmed Attacks Since 2018
Ransomware remains above 1,400 attacks yearly since 2023. Qilin leads in 2026, while the U.S. remains the main target. Ransomnews has independently confirmed 9,291 ransomware attacks worldwide between January 2018 and July 2026, tracking incidents only when verified through victim…
Hackers are Turning AI Gateways as Attack Surfaces to Compromise Enterprise Networks
AI gateways are increasingly being targeted as organizations connect generative AI applications to cloud services such as Amazon Bedrock. These gateways sit between users, business applications, and large language models, making them an attractive entry point into enterprise networks. Darktrace…
Linux Kernel FUSE Vulnerability Lets Attackers Gain Root Privileges
A Linux kernel vulnerability in the FUSE subsystem can allow a local attacker to gain root privileges by overflowing the page cache with attacker-controlled directory entries. The flaw is tracked as CVE-2026-31694 and affects the code path used when the…
GNU Guix Vulnerabilities Allow Remote Privilege Escalation via Malicious Binary Substitutes
GNU Guix has disclosed four serious security vulnerabilities affecting its package substitution and channel-management features. Three flaws in the guix substitute utility can enable remote privilege escalation, corruption of stored data, and local disclosure of files readable by the build…
Malicious Windows Shortcuts Use PowerShell and Node.js to Enable Remote Code Execution
A malicious Windows shortcut is being used to turn a routine download into a full remote-code-execution foothold. The campaign begins with convincing booking-themed spam and steers victims toward a ZIP archive that conceals a booby-trapped LNK file. One click can…
Hackers Can Go From CitrixBleed 2 Exploitation to Ransomware in Under an Hour
A critical Citrix flaw is giving intruders a fast route from an internet-facing gateway to a ransomware event. The activity centers on CitrixBleed 2, tracked as CVE-2025-5777, which can expose memory from affected NetScaler ADC and Gateway appliances before a…